Tavis Ormandy reported that Valgrind loads a .valgrindrc file in the current working directory, executing commands specified there.

Impact

A local attacker could prepare a specially crafted .valgrindrc file and entice a user to run Valgrind from the directory containing that file, resulting in the execution of arbitrary code with the privileges of the user running Valgrind.